diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-05-28 22:06:54 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-05-28 22:06:54 +0000 |
| commit | 09086136c9e26b0c97edbac7d0b78624a29e381a (patch) | |
| tree | d281bfcad7a6f2d7b92e25ccf0809d85048ece02 /etc | |
| parent | 5e4a316d9eafa5df369621fac39c5ece992e930d (diff) | |
| download | pfsense-09086136c9e26b0c97edbac7d0b78624a29e381a.zip pfsense-09086136c9e26b0c97edbac7d0b78624a29e381a.tar.gz | |
Swap images
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/captiveportal.inc | 6 | ||||
| -rw-r--r-- | etc/inc/filter.inc | 9 |
2 files changed, 9 insertions, 6 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 4c4e5a9..f4a8932 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -418,8 +418,10 @@ function captiveportal_allowedip_configure() { /* record allowed ip so it can be recognized and removed later */ fwrite($fd, $ipent['ip'] . "," . $ruleno ."\n"); - /* insert pf table item to allow traffic */ - mwexec("/sbin/pfctl -t captiveportal -T add {$ip}"); + /* insert pf table item to allow traffic */ + mwexec("echo \"pfctl -t captiveportal -T add {$ipent['ip']} \"> /tmp/tmp"); + echo "Adding {$ipent['ip']}"; + mwexec("/sbin/pfctl -t captiveportal -T add {$ipent['ip']}"); $ruleno = $ip; } diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 3b6201e..562602e 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -179,7 +179,7 @@ function filter_configure() { if($g['booting'] == true) echo "\t{$file}... "; eval($text); - if($g['booting'] == true) { + if($g['booting'] == true) echo "done.\n"; } } @@ -894,6 +894,7 @@ function filter_nat_rules_generate() { if(isset($config['captiveportal']['enable'])) { $cp_interface = filter_translate_type_to_real_interface($config['captiveportal']['interface']); $lan_ip = $config['interfaces']['lan']['ipaddr']; + $natrules .= "no rdr on {$cp_interface} from <captiveportal> to any\n"; $natrules .= "rdr on " . $cp_interface . " proto tcp from any to any port { 80 443 } -> {$lan_ip} port 8000\n\n"; } @@ -1667,9 +1668,9 @@ EOD; $lan_ip = $config['interfaces']['lan']['ipaddr']; $ipfrules .= "\n# Captive portal\n"; $ipfrules .= "table <captiveportal>\n"; - $ipfrules .= "pass in quick on {$cp_interface} proto tcp from any to {$lanip} port = 8000 keep state\n"; - $ipfrules .= "block drop in on {$cp_interface} from any to any\n"; - $ipfrules .= "pass in quick on {$cp_interface} from <captiveportal> to any keep state\n"; + $ipfrules .= "block in on {$cp_interface} from any to any\n"; + $ipfrules .= "pass in on {$cp_interface} proto tcp from any to {$lanip} port = 8000 keep state\n"; + $ipfrules .= "pass in on {$cp_interface} from <captiveportal> to any keep state\n"; } $ipfrules .= "\n# User-defined rules follow\n"; |
